package com.future.interceptor;

import com.future.pojo.Users;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class OneInterceptor implements HandlerInterceptor {


    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //获取session 如果为空 则直接专挑
        if (request.getSession().getAttribute("admin")==null){
            System.out.println("用户未登录");
            response.sendRedirect("/future/loginpage");
            return false;
        }
        HttpSession session = request.getSession();
        Users user =(Users) session.getAttribute("admin");
        String userLv = user.getUserLv();
        if(!"管理员".equals(userLv)){
            System.out.println("不是管理员");
            return false;
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        System.out.println("身份认证拦截...");
    }
}
